MOSK Release Notes latest documentation

Mirantis OpenStack on Kubernetes Release Notes

Mirantis OpenStack on Kubernetes GA release

Release date

Name

Container Cloud Cluster release

Description

November 05, 2020

MOSK Ussuri

6.8.1

General availability of the product with OpenStack Ussuri and choice of Neutron/OVS or Tungsten Fabric 5.1 for networking. Runs on top of a bare metal Kubernetes cluster managed by Container Cloud.

Product highlights

Mirantis OpenStack on Kubernetes (MOSK) represents a frictionless cloud infrastructure on-premise. MOSK Ussuri is integrated with Container Cloud bare metal with Ceph and StackLight onboard and, optionally, supports Tugsten Fabric 5.1 as a back end for the OpenStack networking. In terms of updates, MOSK Ussuri fully relies on the Container Cloud update delivery mechanism.

OpenStack Ussuri

MOSK provides support for OpenStack Ussuri and the following OpenStack components of this release, in particular:

  • Identity service (Keystone)

  • Compute service (Nova)

  • Image service (Glance)

  • Block Storage service (Cinder)

  • Orchestration (Heat)

  • Networking (Neutron)

  • Load Balancer (Octavia)

  • DNS service (Designate)

  • Dashboard (Horizon)

  • Key management (Barbican)

  • Tempest


Tungsten Fabric 5.1

MOSK provides support for Tungsten Fabric 5.1 as an SDN back end for OpenStack.

The list of the key highlights include:

  • Integration with OpenStack Ussuri

  • Implementation of the Octavia Tungsten Fabric driver for OpenStack LBaaS

  • LCM operations for supported Tungsten Fabric services as well as third-party services such as Cassandra, ZooKeeper, Kafka, Redis, and RabbitMQ.

Major components versions

Mirantis has tested MOSK against a very specific configuration and can guarantee a predictable behavior of the product only in the exact same environments. The table below includes the major MOSK components with the exact versions against which testing has been performed.

MOSK GA components versions

Component

Version

Cluster release

6.8.1

OpenStack

Ussuri

openstack-operator

0.3.9

Tungsten Fabric

5.1

tungstenfabric-operator

0.1.3

Known issues

This section contains the description of the known issues with available workarounds.

OpenStack known issues and limitations


Limitations

Due to limitations in the Octavia and MOSK integration, the clusters where Neutron is deployed in the Distributed Virtual Router (DVR) mode are not stable. Therefore, Mirantis does not recommend such configuration for production deployments.


[6912] Octavia load balancers may not work properly with DVR

Target fix version: next MOSK update

When Neutron is deployed in the DVR mode, Octavia load balancers may not work correctly. The symptoms include both failure to properly balance traffic and failure to perform an amphora failover.


[8573] External authentication to Horizon fails to log in a different user

Target fix version: next MOSK update

Horizon retains the user credentials following their initial login using External Authentication Service and does not allow to log in with another user credentials.

Workaround:

  1. Clear cookies in your browser.

  2. Select External Authentication Service on the Horizon login page.

  3. Click Sign In. The Keycloak login page opens.

    If the following error occurs, refresh the page and try again:

    CSRF token missing or incorrect. Cookies may be turned off.
    Make sure cookies are enabled and try again.
    

Tungsten Fabric known issues and limitations


Limitations

  • Tungsten Fabric is not monitored by StackLight

  • Tungsten Fabric does not support the following OpenStack services:

    • DNS service (Designate)

    • Key management (Barbican)

    • Neutron RBAC


[8469] Load balancer port always has default security group

Octavia always enables a default security group for a newly created load balancer causing the issue with the load balancer accessibility. To workaround the issue, select one of the following options:

  • Add the required rules to the default security group.

  • Delete the security group through the Tungsten Fabric web UI:

    1. Navigate to Configure > Networking > Ports.

    2. Remove the security group from the non-VIP ports. The VIP port has neutron:LOADBALANCER in the Device column.


[8293] Error messages on attempts to use loggers

The HAProxy service, which is used as a back end for load balancers in Tungsten Fabric, uses non-existing socket files from the log collection service. This error in the configuration causes the logging of error messages on attempts to use loggers in contrail-lbaas-haproxy-stdout.log. The issue does not affect the service operability.

Release artifacts

This section lists the components artifacts of the MOSK Ussuri release:


OpenStack Ussuri release artifacts

Artifact

Component

Path

Binaries

octavia-amphora

https://binary.mirantis.com/openstack/bin/octavia/amphora-x64-haproxy-ussuri-20200926005743.qcow2

mirantis

https://binary.mirantis.com/openstack/bin/horizon/mirantis-ussuri-26b0ff5.tar.gz

Docker images

placement

mirantis.azurecr.io/openstack/placement:ussuri-bionic-20201019180023

keystone

mirantis.azurecr.io/openstack/keystone:ussuri-bionic-20201019180023

heat

mirantis.azurecr.io/openstack/heat:ussuri-bionic-20201019180023

glance

mirantis.azurecr.io/openstack/glance:ussuri-bionic-20201019180023

cinder

mirantis.azurecr.io/openstack/cinder:ussuri-bionic-20201019180023

neutron

mirantis.azurecr.io/openstack/neutron:ussuri-bionic-20201019180023

nova

mirantis.azurecr.io/openstack/nova:ussuri-bionic-20201019180023

horizon

mirantis.azurecr.io/openstack/horizon:ussuri-bionic-20201019180023

tempest

mirantis.azurecr.io/openstack/tempest:ussuri-bionic-20201019180023

dashboard-selenium

mirantis.azurecr.io/openstack/dashboard-selenium:ussuri-bionic-20201006074752

octavia

mirantis.azurecr.io/openstack/octavia:ussuri-bionic-20201019180023

designate

mirantis.azurecr.io/openstack/designate:ussuri-bionic-20201019180023

ironic

mirantis.azurecr.io/openstack/ironic:ussuri-bionic-20201019180023

barbican

mirantis.azurecr.io/openstack/barbican:ussuri-bionic-20201019180023

libvirt

mirantis.azurecr.io/general/libvirt:6.0.0-bionic-20201007084753

pause

mirantis.azurecr.io/general/external/pause:3.1

openvswitch

mirantis.azurecr.io/general/openvswitch:2.11-bionic-20200812034813

rabbitmq-3.8

mirantis.azurecr.io/general/rabbitmq:3.8.7

rabbitmq-3.8-management

mirantis.azurecr.io/general/rabbitmq:3.8.7-management

kubernetes-entrypoint

mirantis.azurecr.io/openstack/extra/kubernetes-entrypoint:v1.0.0-20200311160233

docker

mirantis.azurecr.io/openstack/extra/docker:17.07.0

memcached

mirantis.azurecr.io/general/memcached:1.6.6-alpine

ceph-config-helper

mirantis.azurecr.io/openstack/extra/ceph-config-helper:nautilus-bionic-20200810084204

etcd

mirantis.azurecr.io/openstack/extra/etcd:3.2.26

powerdns

mirantis.azurecr.io/openstack/extra/powerdns:4.2-alpine-20200117133238

nginx-ingress-controller

mirantis.azurecr.io/openstack/extra/nginx-ingress-controller:0.32.0

defaultbackend

mirantis.azurecr.io/openstack/extra/defaultbackend:1.0

mariadb

mirantis.azurecr.io/general/mariadb:10.4.14-bionic-20200812025059

rabbitmq-exporter

mirantis.azurecr.io/stacklight/rabbitmq-exporter:v0.29.0

prometheus-memcached-exporter

mirantis.azurecr.io/stacklight/memcached-exporter:v0.5.0

prometheus-mysql-exporter

mirantis.azurecr.io/stacklight/mysqld-exporter:v0.11.0

xrally-openstack

mirantis.azurecr.io/openstack/extra/xrally-openstack:1.5.0

aodh

mirantis.azurecr.io/openstack/aodh:ussuri-bionic-20201019180023

panko

mirantis.azurecr.io/openstack/panko:ussuri-bionic-20201019180023

ceilometer

mirantis.azurecr.io/openstack/ceilometer:ussuri-bionic-20201019180023

gnocchi

mirantis.azurecr.io/openstack/gnocchi:ussuri-bionic-20201019180023

redis

mirantis.azurecr.io/openstack/extra/redis:5.0-alpine

Helm charts

openstack-operator

https://binary.mirantis.com/openstack/helm/openstack-controller/openstack-operator-0.3.9.tgz

aodh

https://binary.mirantis.com/openstack/helm/openstack-helm/aodh-0.1.0-mcp-3742.tgz

barbican

https://binary.mirantis.com/openstack/helm/openstack-helm/barbican-0.1.0-mcp-3742.tgz

ceilometer

https://binary.mirantis.com/openstack/helm/openstack-helm/ceilometer-0.1.0-mcp-3742.tgz

cinder

https://binary.mirantis.com/openstack/helm/openstack-helm/cinder-0.1.0-mcp-3742.tgz

designate

https://binary.mirantis.com/openstack/helm/openstack-helm/designate-0.1.0-mcp-3742.tgz

glance

https://binary.mirantis.com/openstack/helm/openstack-helm/glance-0.1.0-mcp-3742.tgz

heat

https://binary.mirantis.com/openstack/helm/openstack-helm/heat-0.1.0-mcp-3742.tgz

horizon

https://binary.mirantis.com/openstack/helm/openstack-helm/horizon-0.1.0-mcp-3742.tgz

ironic

https://binary.mirantis.com/openstack/helm/openstack-helm/ironic-0.1.0-mcp-3742.tgz

keystone

https://binary.mirantis.com/openstack/helm/openstack-helm/keystone-0.1.0-mcp-3742.tgz

magnum

https://binary.mirantis.com/openstack/helm/openstack-helm/magnum-0.1.0-mcp-3742.tgz

mistral

https://binary.mirantis.com/openstack/helm/openstack-helm/mistral-0.1.0-mcp-3742.tgz

neutron

https://binary.mirantis.com/openstack/helm/openstack-helm/neutron-0.1.0-mcp-3742.tgz

nova

https://binary.mirantis.com/openstack/helm/openstack-helm/nova-0.1.0-mcp-3742.tgz

octavia

https://binary.mirantis.com/openstack/helm/openstack-helm/octavia-0.1.0-mcp-3742.tgz

panko

https://binary.mirantis.com/openstack/helm/openstack-helm/panko-0.1.0-mcp-3742.tgz

rally

https://binary.mirantis.com/openstack/helm/openstack-helm/rally-0.1.0-mcp-3742.tgz

senlin

https://binary.mirantis.com/openstack/helm/openstack-helm/senlin-0.1.0-mcp-3742.tgz

tempest

https://binary.mirantis.com/openstack/helm/openstack-helm/tempest-0.1.0-mcp-3742.tgz

dashboard-selenium

https://binary.mirantis.com/openstack/helm/openstack-helm/dashboard-selenium-0.1.0-mcp-3742.tgz

placement

https://binary.mirantis.com/openstack/helm/openstack-helm/placement-0.1.0-mcp-3742.tgz

calico

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/calico-0.1.0-mcp-2650.tgz

ceph-client

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/ceph-client-0.1.0-mcp-2650.tgz

ceph-mon

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/ceph-mon-0.1.0-mcp-2650.tgz

ceph-osd

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/ceph-osd-0.1.0-mcp-2650.tgz

ceph-provisioners

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/ceph-provisioners-0.1.0-mcp-2650.tgz

ceph-rgw

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/ceph-rgw-0.1.0-mcp-2650.tgz

dnsmasq

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/dnsmasq-0.1.0-mcp-2650.tgz

elastic-apm-server

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/elastic-apm-server-0.1.0-mcp-2650.tgz

elastic-filebeat

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/elastic-filebeat-0.1.0-mcp-2650.tgz

elastic-metricbeat

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/elastic-metricbeat-0.1.0-mcp-2650.tgz

elastic-packetbeat

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/elastic-packetbeat-0.1.0-mcp-2650.tgz

elasticsearch

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/elasticsearch-0.1.0-mcp-2650.tgz

etcd

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/etcd-0.1.0-mcp-2650.tgz

falco

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/falco-0.1.0-mcp-2650.tgz

flannel

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/flannel-0.1.0-mcp-2650.tgz

fluentbit

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/fluentbit-0.1.0-mcp-2650.tgz

fluentd

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/fluentd-0.1.0-mcp-2650.tgz

gnocchi

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/gnocchi-0.1.0-mcp-2650.tgz

grafana

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/grafana-0.1.0-mcp-2650.tgz

helm-toolkit

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/helm-toolkit-0.1.0-mcp-2650.tgz

ingress

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/ingress-0.1.0-mcp-2650.tgz

kibana

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/kibana-0.1.0-mcp-2650.tgz

kube-dns

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/kube-dns-0.1.0-mcp-2650.tgz

kubernetes-keystone-webhook

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/kubernetes-keystone-webhook-0.1.0-mcp-2650.tgz

ldap

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/ldap-0.1.0-mcp-2650.tgz

libvirt

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/libvirt-0.1.0-mcp-2650.tgz

lockdown

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/lockdown-0.1.0-mcp-2650.tgz

mariadb

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/mariadb-0.1.0-mcp-2650.tgz

memcached

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/memcached-0.1.0-mcp-2650.tgz

mongodb

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/mongodb-0.1.0-mcp-2650.tgz

nagios

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/nagios-0.1.0-mcp-2650.tgz

nfs-provisioner

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/nfs-provisioner-0.1.0-mcp-2650.tgz

openvswitch

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/openvswitch-0.1.0-mcp-2650.tgz

podsecuritypolicy

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/podsecuritypolicy-0.1.0-mcp-2650.tgz

postgresql

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/postgresql-0.1.0-mcp-2650.tgz

powerdns

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/powerdns-0.1.0-mcp-2650.tgz

prometheus

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/prometheus-0.1.0-mcp-2650.tgz

prometheus-alertmanager

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/prometheus-alertmanager-0.1.0-mcp-2650.tgz

prometheus-kube-state-metrics

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/prometheus-kube-state-metrics-0.1.0-mcp-2650.tgz

prometheus-node-exporter

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/prometheus-node-exporter-0.1.0-mcp-2650.tgz

prometheus-openstack-exporter

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/prometheus-openstack-exporter-0.1.0-mcp-2650.tgz

prometheus-process-exporter

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/prometheus-process-exporter-0.1.0-mcp-2650.tgz

rabbitmq

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/rabbitmq-0.1.0-mcp-2650.tgz

redis

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/redis-0.1.0-mcp-2650.tgz

registry

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/registry-0.1.0-mcp-2650.tgz

tiller

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/tiller-0.1.0-mcp-2650.tgz

zookeeper

https://binary.mirantis.com/openstack/helm/openstack-helm-infra/zookeeper-0.1.0-mcp-2650.tgz


Tungsten Fabric release artifacts

Artifact

Component

Path

Binaries

Tungsten Fabric Operator

https://binary-mirantis-com/tungsten/helm/tungstenfabric-operator-0.1.3.tgz

Docker images

TF Analytics

mirantis.azurecr.io/tungsten/contrail-analytics-api:5.1.20201022210010

mirantis.azurecr.io/tungsten/contrail-analytics-collector:5.1.20201022210010

TF Analytics Alarm

mirantis.azurecr.io/tungsten/contrail-analytics-alarm-gen:5.1.20201022210010

TF Analytics DB

mirantis.azurecr.io/tungsten/contrail-analytics-query-engine:5.1.20201022210010

TF Analytics SNMP

mirantis.azurecr.io/tungsten/contrail-analytics-snmp-collector:5.1.20201022210010

mirantis.azurecr.io/tungsten/contrail-analytics-snmp-topology:5.1.20201022210010

TF Config

mirantis.azurecr.io/tungsten/contrail-controller-config-api:5.1.20201022210010

mirantis.azurecr.io/tungsten/contrail-controller-config-devicemgr:5.1.20201022210010

mirantis.azurecr.io/tungsten/contrail-controller-config-schema:5.1.20201022210010

mirantis.azurecr.io/tungsten/contrail-controller-config-svcmonitor:5.1.20201022210010

TF Control

mirantis.azurecr.io/tungsten/contrail-controller-control-control:5.1.20201022210010

mirantis.azurecr.io/tungsten/contrail-controller-control-dns:5.1.20201022210010

mirantis.azurecr.io/tungsten/contrail-controller-control-named:5.1.20201022210010

TF Web UI

mirantis.azurecr.io/tungsten/contrail-controller-webui-job:5.1.20201022210010

mirantis.azurecr.io/tungsten/contrail-controller-webui-web:5.1.20201022210010

Nodemanager

mirantis.azurecr.io/tungsten/contrail-nodemgr:5.1.20201022210010

TF Status

mirantis.azurecr.io/tungsten/contrail-status:5.1.20201022210010

mirantis.azurecr.io/tungsten/contrail-tf-status:5.1.20201022210010

mirantis.azurecr.io/tungsten/contrail-tf-status-aggregator:5.1.20201022210010

mirantis.azurecr.io/tungsten/contrail-tf-status-party:5.1.20201022210010

mirantis.azurecr.io/tungsten/contrail-tungsten-pytest:5.1.20201022210010

TF VRouter

mirantis.azurecr.io/tungsten/contrail-vrouter-agent:5.1.20201022210010

mirantis.azurecr.io/tungsten/contrail-vrouter-kernel-build-init:5.1.20201022210010

Cassandra operator

mirantis.azurecr.io/tungsten-operator/casskop:v0.5.3-release

Cassandra

mirantis.azurecr.io/tungsten/cassandra-bootstrap:0.1.4

mirantis.azurecr.io/tungsten/cassandra:3.11.6

Kafka operator

mirantis.azurecr.io/tungsten-operator/kafka-k8s-operator:0.0.6

Kafka

mirantis.azurecr.io/tungsten/cp-kafka:5.5.2

RabbitMQ operator

mirantis.azurecr.io/tungsten-operator/rabbitmq-operator:0.0.7

RabbitMQ

mirantis.azurecr.io/general/rabbitmq:3.8.7

Zookeeper operator

mirantis.azurecr.io/tungsten-operator/zookeeper-operator:0.2.9

Zookeeper

mirantis.azurecr.io/tungsten/zookeeper:3.6.1-0.2.9

Redis operator

mirantis.azurecr.io/tungsten-operator/redis-operator:0.1.5-1-ccd6a63

Redis

mirantis.azurecr.io/tungsten/redis:5-alpine